Powershell : How to get Application and Systems Logs From Event Viewer

I would like to show how-to work with events under Applications and system Logs using Powershell. Whether it’s an error report, a warning, or just an informational log, one of the most common places for Windows to write logging information is to the event logs. Let we some of the reason to view the window’s log,

Checking for errors after an unexpected restart.

To check the reason for service stop.

The Get-Eventlog cmdlet is a powerful and flexible way of pulling data out of the event logs, both in interactive sessions and in scripts. The below code will execute and output the system and application error from the local computer

Example:

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

#Get log detail using Get-Eventlog cmdlet and here we filter by System Log.

#The -Newest 50 parameter, will get first 50 recent entries from a specific event log on the local computer.

Execution on Remote Computers:

We don’t have credential parameter in the Get-EventLog. So Instead of the Get-EventLog you may use the Get-WinEvent ,which support param the -Credential or use the Get-WmiObject and class Win32_NTLogEvent